silverstripe/cms Security Advisories for 3.1.0-beta2 (11)
-
[HIGH] Silverstripe CMS malicious file upload enables script execution
PKSA-znsz-m7d7-h56t CVE-2020-9309 GHSA-h77w-655f-6j3m
Affected version: <=4.5.0
Reported by:
GitHub -
[MEDIUM] Silverstripe CMS XSS Vulnerability
PKSA-ccyg-wwy5-yyd3 CVE-2020-9311 GHSA-2pw2-qpcp-m47x
Affected version: <=4.5.0
Reported by:
GitHub -
[HIGH] Silverstripe CMS information disclosure
PKSA-56d7-q47d-h34q CVE-2020-6164 GHSA-gm5x-hpmw-xpxg
Affected version: <=4.5.0
Reported by:
GitHub -
[MEDIUM] Silverstripe CMS XSS Vulnerability
PKSA-5p8s-br5x-fync CVE-2017-14498 GHSA-j696-6m57-mcrv
Affected version: <3.6.1
Reported by:
GitHub -
[MEDIUM] Silverstripe CMS User Enumeration
PKSA-8wfk-kpg2-nsf4 CVE-2017-12849 GHSA-fwhr-g5r4-xgxf
Affected version: >=3.6,<3.6.1|<3.5.5
Reported by:
GitHub -
[MEDIUM] Silverstripe CMS Open Redirect
PKSA-d4nc-b285-bshc CVE-2015-5062 GHSA-fh35-p8ph-p545
Affected version: <=3.1.13
Reported by:
GitHub -
[MEDIUM] Silverstripe CMS XSS Vulnerability
PKSA-k3cw-5yj1-rnwr CVE-2017-5197 GHSA-xmjh-wjc5-wg4h
Affected version: >=3.5.0,<3.5.2|<3.4.4
Reported by:
GitHub -
[MEDIUM] Silverstripe CMS XSS Vulnerability
PKSA-53v5-xxz5-2hk4 CVE-2015-8606 GHSA-gvc8-xjfp-6569
Affected version: =3.2.0|<=3.1.15
Reported by:
GitHub -
[MEDIUM] SS-2015-008: SiteTree Creation Permission Vulnerability
PKSA-tbcz-9q2k-1r4f GHSA-6hh6-59j2-qrxw
Affected version: >=3.0.0,<=3.0.11|>=3.1.0,<3.1.11
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[MEDIUM] SS-2015-003: History XSS Vulnerability
PKSA-d3xv-chbr-ng6f GHSA-r97r-64vp-fghm
Affected version: >=3.1.0,<=3.1.9
Reported by:
GitHub, FriendsOfPHP/security-advisories -
[HIGH] SS-2015-005: VirtualPage XSS
PKSA-pvwk-bm9n-rprc GHSA-3mm9-2p44-rw39
Affected version: >=3.1.0,<=3.1.9
Reported by:
GitHub, FriendsOfPHP/security-advisories